Cyber crime

TOPIC : CYBER CRIME
PRESENTER : DR. SOREINGAM RAGUI
MODERATOR : PROF. H. NABACHANDRA

W HAT

IS CYBER CRIME ?

Cyber crime refers to any crime
that involves a computer/mobile
and a network. The computer
may have been used in the
commission of a crime, or it may
be the target.

INTRODUCTION
The internet in India is growing
rapidly. It has given rise to new
opportunities in every field we can think
of – be it entertainment, business, sports
or education.
There are two sides to a coin. Internet
also has its own disadvantages. One of
the major disadvantages is Cyber crime
– illegal activity committed on the
internet.

HISTORY OF CYBER CRIME
In 1820, Joseph-Marie Jacquard, a textile
manufacturer in France, produced the loom.
This device allowed the repetition of a series of
steps in the weaving of special fabrics.
This resulted in a fear amongst Jacquard's
employees that their traditional employment
and livelihood were being threatened.
They committed acts of sabotage to
discourage Jacquard from further use of the
new technology. This is the first recorded
cyber crime.

INDIA STANDS 11TH IN THE RANKING FOR CYBER CRIME IN
THE WORLD, CONSTITUTING 3% OF THE GLOBAL CYBER
CRIME.

WHY INDIA ?

A rapidly growing online user base

121 Million Internet Users
65 Million Active Internet Users, up by
28% from 51 million in 2010
50 Million users shop online on
Ecommerce and Online Shopping Sites

46+ Million Social Network Users
346 million mobile users had
subscribed to Data Packages. (Source:
IAMAI; Juxt; we are social 2011)

Cost Of Cyber Crime In India (2010)
29.9 million people fell victim to
cybercrime,
$4 billion in direct financial losses,
$3.6 billion in time spent resolving the
crime,
4 in 5 online adults (80%) have been a
victim of Cybercrime,
17% of adults online have experienced
cybercrime on their mobile phone.
Source: Norton Cybercrime Report 2011

The police have recorded 3,038 cases but made only 2,700
arrests in 3 years (between 2007 and 2010)
India registered only 1,350 cases under the IT Act and IPC in 2010
50% of cybercrimes are not even reported

 A total number of 90, 119, 252 and 219 Government
websites tracked by the Indian Computer Emergency
Response Team (CERT-In) were hacked / defaced by
various hacker groups in the year 2008, 2009, 2010
and Jan–Oct 2011 respectively

HOW IT DIFFERS FROM
TERRESTRIAL CRIME?

 Easy to learn how to commit
 Require few resources
relative to the potential
damage caused
 Can be committed in a
jurisdiction without being
physically present in it
 Are often not clearly illegal

TYPES
Cyber Crime refers to all activities done
with criminal intent in cyberspace. These
fall into three slots.
Cyberspace is the electronic medium of
computer networks in which online
communication takes place.
1. Those against persons.
2. Against Business and Non-business
organizations.

3. Crime targeting the government.

 Computer as a tool
 Computer as a target
 Computer as an
instrumentality
 Crime associated with
prevalence of
computers

COMPUTER AS A
TOOL
• When the individual is the main
target of the crime the computer
can be considered as a tool rather
than target.

• These crimes are not done by
technical experts.
• Eg: Spam, cyber stalking , cyber
theft etc

COMPUTER AS A
TARGET
• These crimes are committed by
a selected group of people with
technical knowledge.

• Destruction of information in
the computer by spreading
virus.
Eg : Defacement, cyber terrorism
etc.

COMPUTER AS AN
INSTRUMENTALITY

• The crime is committed by
manipulating the contents of
computer systems.
• With the advent of computer the
criminal have started using the
technology as an aid for its
perpetuation.
Eg: Drug trafficking, money
laundering etc

CRIME ASSOCIATED WITH
PREVALENCE OF COMPUTERS

• Copyright violation
• Material copied from sources
that are not public domain or
compatibly licensed without
the permission of copyright
holder.
• Copyright violation causes
legal issues.

CYBER CRIME VARIANTS
Hacking
"Hacking" is a crime, which entails
cracking systems and gaining unauthorized
access to the data stored in them.
Cyber Squatting
Cyber Squatting is the act of registering a
famous Domain Name and then selling it for
a fortune.

Phishing
Acquiring information such as usernames,
password and credit card details by
disguising as a trustworthy entity.
India is among the top 15 countries hosting
"phishing" sites which aims at stealing
confidential information such as
passwords and credit card details.



Sale of illegal articles includes selling of
narcotic drugs, weapons, wildlife etc to
terrorists.



Email bombing refers to sending a large
amount of e-mails to the victim resulting in
crashing of victims e-mail account or mail
servers.



Data diddling is a kind of an attack which
involves altering of raw data just before it is
processed by a computer and then
changing it back after the processing is
completed.

Intellectual Property Crimes includes
software piracy, copyright infringement,
trademarks violations etc.
Theft of information contained in electronic
form-This includes information stored in
computer hard disks, removable storage
media etc.
Web defacement is usually the substitution
of the original home page of a website with
another page (usually pornographic or
defamatory in nature) by a hacker.

Cyber Defamation occurs when
defamation takes place with the
help of computers and or the
Internet e.g. e-mail containing
defamatory information about that
person.
What is defamation?
Defamation is the act of
harming the reputation of person
by making a false statement to
another.

Cyber Stalking refers to the use of the
Internet, e-mail, or other electronic
communications devices to stalk another
person.
Stalking generally involves harassing or
threatening behaviour that an individual
engages in repeatedly, such as following a
person, appearing at a person's home or
place of business, making harassing phone
calls, leaving written messages or objects, or
vandalizing a person's property.

Trojan Horse-A Trojan as this program is aptly
called, is an unauthorized program which
functions from inside what seems to be an
authorized program, thereby concealing what
it is actually doing.
Internet Time Theft -This connotes the usage
by unauthorized persons of the Internet hours
paid for by another person.
Web jacking -This occurs when someone
forcefully takes control of a website (by
cracking the password ). The actual owner of
the website does not have any more control
over what appears on that website.

Logic bombs are dependent programs.
This implies that these programs are
created to do something only when a
certain event occurs, e.g. some viruses
may be termed logic bombs because
they lie dormant all through the year and
become active only on a particular date.
E-Mail spoofing -A spoofed email is one
that appears to originate from one
source but actually has been sent from
another source. This can also be termed
as E-Mail forging

Salami attacks are used for the commission of
financial crimes. The key here is to make the
alteration so insignificant that in a single case
it would go completely unnoticed e.g. A bank
employee inserts a program into bank‟s
servers, that deducts a small amount from the
account of every customer.
Click jacking is a form of cyber attack where
the hacker uses an invisible layer over the
embedded web content (this could be an
image, video or button) to intercept and „hijack‟
you to a mirror website and mine information
from you.

Cyber terrorism is the premeditated use of
disruptive activities, or the threat thereof, in
cyber space, with the intention to further
social, ideological, religious, political or similar
objectives, or to intimidate any person in
furtherance of such objectives.
Eg: A simple propaganda in the Internet/SMS,
that there will be bomb attacks during the
holidays
Mobile pickpocketing (SMS/call fraud), or the
ability to charge a phone bill via SMS billing
and phone calls. Malware uses these
mechanisms to steal directly from user
accounts.

Keyloggers are regularly used in
computers to log all the strokes a
victim makes on the keyboard.
Eg: If a key logger is installed on a
computer which is regularly used
for online banking and other
financial transactions then their
passwords can be taken without the
knowledge of the user

CYBER LAW
Cyber law is a generic term which refers to
all the legal and regulatory aspects of
Internet and the World Wide Web. Anything
concerned with or related to or emanating
from any legal aspects or issues
concerning any activity of citizens in and
concerning Cyberspace comes within the
ambit of Cyber law.

Stored Communications Act which is passed in
1986 is focused on protecting the confidentiality,
integrity and availability of electronic
communications that are currently in some form
of electronic storage
Digital Millennium Copyright Act which is passed
in 1998 is a United States copyright law that
criminalizes the production and dissemination
of technology, devices
Electronic Communications Privacy Act of 1986
extends the government restrictions on wiretaps
from telephones.

Internet Spyware Prevention Act (I-SPY)
prohibits the implementation and use of
spyware.
Gramm-Leach-Bliley Act (GLBA) requires
financial institutions and credit
agencies increase the security of
systems that contain their customers‟
personal information.
Identity Theft and Aggravated Identity Theft
defines the conditions under which an
individual has violated identity theft
laws.

Under The Information
Technology Act, 2000
CHAPTER XI – OFFENCES – 66. Hacking with
computer system.
Whoever with the Intent to cause or knowing
that he is likely to cause Wrongful Loss or
Damage to the public or any person Destroys or
Deletes or Alters any Information Residing in a
Computer Resource or diminishes its value or
utility or affects it injuriously by any means,
commits hack.
(2) Whoever commits hacking shall be punished with
imprisonment up to three years, or with fine which may
extend up to two lakh rupees, or with both.

Information Technology Amendment Act, 2008
Section – 43,
Destroys, Deletes or Alters any Information
residing in a computer resource or diminishes its
value or utility or affects it injuriously by any
means;
Steals, conceals, destroys or alters or causes any
person to steal, conceal, destroy or alter any
computer source code used for a computer
resource with an intention to cause damage;
“If any person, dishonestly, or fraudulently, does
any act referred to in section 43, he shall be
punishable with imprisonment for a term which
may extend to two three years or with fine which
may extend to five lakh rupees or with both.”
[S.66]

S.66A - Punishment for sending offensive messages through
communication service, etc
Any person who sends, by means of a computer resource or a
communication device;
Any information that is grossly offensive or has menacing
character; or
Any information which he knows to be false, but for the purpose
of causing annoyance, inconvenience, danger, obstruction, insult,
injury, criminal intimidation, enmity, hatred, or ill will, persistently
makes by making use of such computer resource or a
communication device;
Any electronic mail or electronic mail message for the purpose of
causing annoyance or inconvenience or to deceive or to mislead
the addressee or recipient about the origin of such messages;
Shall be punishable with imprisonment for a term which may
extend to three years and with fine.

S. 66C - Punishment for identity theft
“Whoever, fraudulently or dishonestly make use of
the electronic signature, password or any other
unique identification feature of any other person,
shall be punished with imprisonment of either
description for a term which may extend to three
years and shall also be liable to fine which may
extend to rupees one lakh”
S. 66D - Punishment for cheating by personation
by using computer resource
“Whoever, by means of any communication device
or computer resource cheats by personation, shall
be punished with imprisonment of either
description for a term which may extend to three
years and shall also be liable to fine which may
extend to one lakh rupees. “

S. 66E - Punishment for violation of privacy.
“Whoever, intentionally or knowingly captures, publishes
or transmits the image of a private area of any person
without his or her consent, under circumstances
violating the privacy of that person, shall be punished
with imprisonment which may extend to three years or
with fine not exceeding two lakh rupees, or with both”
S. 67 A - Punishment for publishing or transmitting of
material containing sexually explicit act, etc. in electronic
form
“Whoever publishes or transmits or causes to be
published or transmitted in the electronic form any
material which contains sexually explicit act or conduct
shall be punished on first conviction with imprisonment
of either description for a term which may extend to five
years and with fine which may extend to ten lakh
rupees”

S. 67 C - Preservation and Retention of
information by intermediaries.
“(1) Intermediary shall preserve and retain such
information as may be specified for such
duration and in such manner and format as the
Central Government may prescribe.
(2) Any intermediary who intentionally or
knowingly contravenes the provisions of sub
section (1) shall be punished with an
imprisonment for a term which may extend to
three years and shall also be liable to fine.”

ARRESTS & REPORTS
UNDER IT ACT
Under the IT Act, 966 cybercrime cases were filed in 2010
420 in 2009)
Geographic breakdown of cases reported:
153 from Karnataka,
148 from Kerala
142 from Maharashtra
105 Andhra Pradesh
52 Rajasthan
52 Punjab
233 persons were arrested in 2010
33% of the cases registered were related to hacking
Source: National Crime Records Bureau

ARRESTS & REPORTS
UNDER IPC
Under the IPC,
356 cybercrime cases were registered in 2010 (276 cases
in 2009)

Geographic breakdown of cases reported -104 from Maharashtra
66 Andhra Pradesh
46 Chhattisgarh
The majority of these crimes were either forgery or
fraud cases.
Source: National Crime Records Bureau

SAFETY TIPS TO AVOID
CYBERCRIME
• Use anti-virus software and firewalls - keep
them up to date
• Keep your operating system up to date with
critical security updates and patches
• Don't open emails or attachments from
unknown sources

• Use hard-to-guess passwords. Don‟t use
words found in a dictionary. Remember that
password cracking tools exist
• Back-up your computer data on disks or
CDs often

• Don't share access to your computers
with strangers
• If you have a Wi-Fi network, password
protect it

• Disconnect from the Internet when not
in use
• Re evaluate your security on a regular
basis
• Make sure your employees and family
members know this info too!

FORENSICS
The use of science and technology to
investigate and establish facts in
criminal or civil courts of law.
Goal of computer forensics is to examine
digital media in a forensically sound
manner with the aim of identifying,
preserving, recovering, analyzing and
presenting facts and opinions about the
information.

HISTORY
Michael Anderson
“Father of computer forensics”

special agent with IRS
Meeting in 1988 (Portland, Oregon)
creation of IACIS, the International
Association of Computer Investigative
Specialists
the first Seized Computer Evidence
Recovery Specialists (SCERS) classes
held

WHY?
 The main task or the advantage from the computer
forensic is to catch the culprit or the criminal who is
involved in the crime related to the computers.
 Computer forensics has emerged as important part
in the disaster recovery management
 Ability to search through a massive amount of dataQuickly, Thoroughly and In any language
 The importance lies mainly in handling criminal
actions such as fraud, phishing, identity theft or
many other criminal activities

WHAT CYBER FORENSICS AIMS AT?
Identify root cause of an event to ensure it won‟t
happen again
– Must understand the problem before you
can be sure it won‟t be exploited again.
• Who was responsible for the event?
Most computer crime cases are not prosecuted

– Consider acceptability in court of law
as our standard for investigative practice.
– Ultimate goal is to conduct
investigation in a manner that will stand up to legal
scrutiny.
– Treat every case like a court case!

STEPS FOR COMPUTER FORENSICS

•Acquisition
•Identification

•Evaluation
•Presentation

DISADVANTAGES
It may happen in some cases that the privacy of the
client is compromised.
There are also the chances of introduction of some
malicious programs in the computer system that may
corrupt the data at a later stage of time.
It is also possible that the data is in dispute and
neither of the disputing parties can use the data. Due
to this reason the business operations may also be
affected.
Producing electronic records & preserving them is
extremely costly
Legal practitioners must have extensive computer
knowledge and vice versa

EDWARD JOSEPH SNOWDEN
(BORN JUNE 21, 1983) IS AN
AMERICAN COMPUTER
SPECIALIST AND FORMER CIA
EMPLOYEE AND NSA
CONTRACTOR WHO
DISCLOSED CLASSIFIED
DETAILS OF SEVERAL TOP
SECRET UNITED STATES,
ISRAELI, AND BRITISH
GOVERNMENT MASS
SURVEILLANCE PROGRAMS
TO THE PRESS. HE IS LIVING
IN RUSSIA UNDER
TEMPORARY POLITICAL
ASYLUM AND IS CONSIDERED
A FUGITIVE FROM JUSTICE
BY AMERICAN AUTHORITIES,
WHO HAVE CHARGED HIM
WITH ESPIONAGE AND THEFT
OF GOVERNMENT PROPERTY.

A FINAL WORD

Treat your password like
you treat your tooth
brush. Never give to any
one else to use, and
change it every few
months

Cyber crime

Cyber crime

Recommandé

Contenu connexe

Tendances

Tendances(20)

En vedette

En vedette(20)

Similaire à Cyber crime

Similaire à Cyber crime (20)

Plus de Soreingam Ragui

Plus de Soreingam Ragui(8)

Dernier

Dernier(20)

Cyber crime